Vulmon Recent Vulnerabilities Trends Blog About Contact

elevation of privilege vulnerabilities and exploits

(subscribe to this query)

7.5
CVSSv2
CVE-2008-4032
Microsoft Office SharePoint Server 2007 Gold and SP1 and Microsoft Search Server 2008 do not properly perform authentication and authorization for administrative functions, which allows remote attackers to cause a denial of service (server load), obtain sensitive information,...
MicrosoftOffice Sharepoint ServerSearch Server
7.2
CVSSv2
CVE-2008-4036
Integer overflow in Memory Manager in Microsoft Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows local users to gain privileges via a crafted application that triggers an erroneous decrement of a variable, related to validation of...
MicrosoftWindows Server 2003Windows Server 2008Windows VistaWindows Xp
8.5
CVSSv2
CVE-2017-8633
Windows Error Reporting (WER) in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an elevation of privilege vulnerability, aka "Windows Error...
MicrosoftWindows 10Windows 7Windows 8.1Windows Rt 8.1Windows Server 2008Windows Server 2012Windows Server 2016
7.2
CVSSv2
CVE-2013-1285
The USB kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, and Windows Server 2012 do not properly handle objects in memory, which allows physically...
MicrosoftWindows 7Windows 8Windows Server 2003Windows Server 2008Windows Server 2012Windows VistaWindows Xp
7.2
CVSSv2
CVE-2013-1286
The USB kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, and Windows Server 2012 do not properly handle objects in memory, which allows physically...
MicrosoftWindows 7Windows 8Windows Server 2003Windows Server 2008Windows Server 2012Windows VistaWindows Xp
7.2
CVSSv2
CVE-2013-1287
The USB kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, and Windows Server 2012 do not properly handle objects in memory, which allows physically...
MicrosoftWindows 7Windows 8Windows Server 2003Windows Server 2008Windows Server 2012Windows VistaWindows Xp
10
CVSSv2
CVE-2013-3175
Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allow remote attackers to execute arbitrary code via a malformed asynchronous RPC request, aka...
MicrosoftWindows 7Windows 8Windows RtWindows Server 2003Windows Server 2008Windows Server 2012Windows VistaWindows Xp
4.3
CVSSv2
CVE-2013-1289
Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2010 SP1, Groove Server 2010 SP1, SharePoint Foundation 2010 SP1, and Office Web Apps 2010 SP1 allows remote attackers to inject arbitrary web script or HTML via a crafted string, aka "HTML Sanitization...
MicrosoftGroove ServerInfopathOffice Web AppsSharepoint FoundationSharepoint Server
4
CVSSv2
CVE-2019-1260
An elevation of privilege vulnerability exists in Microsoft SharePoint, aka 'Microsoft SharePoint Elevation of Privilege Vulnerability'....
MicrosoftSharepoint Enterprise ServerSharepoint FoundationSharepoint Server
4.6
CVSSv2
CVE-2018-8219
An elevation of privilege vulnerability exists when Windows Hyper-V instruction emulation fails to properly enforce privilege levels, aka "Hypervisor Code Integrity Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers....
MicrosoftWindows 10Windows Server 2016
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
tinyCVE-2020-1337fuel cmsCVE-2020-9228HTML injectionwebsphere application serverCVE-2020-1380CVE-2020-8742CVE-2020-11733open redirectCVE-2020-7360SSTIgitlab